A new update of Netsparker Web Application Security Scanner is available for download. In this new version 3.1.4 we included small improvements to the user interface and also improvements the mechanics of the security scanner, such as improved the validation of the Custom 404 Error Page RegEx, improved the Cross-Site Scripting vulnerability template etc.
We have improved the Netsparker Scan Policy Editor dialog for better usability in this release. You no longer need to open the settings dialog to edit settings of a policy, the settings are just right below to the selected policy. This will save you a few clicks while you are customizing your policies.
Refer to the below list for more detailed information about what was improved and fixed in this new version of Netsparker.
Netsparker Improvements in this Build
- Added new keywords to the default list of sensitive keyword in Comments
- Improved Scan Policy Editor dialog to default to unique policy names when a new policy is created or cloned
- Improved Custom 404 RegEx validation to prevent empty patterns
- Improved HTML5 engine to ignore non-HTTP protocols on iframe sources
- Improved Configure Form Authentication wizard to use the selected Scan Policy settings (Custom headers, proxy, user-agent, etc.) on Start a New Scan dialog
- Improved Cross-site Scripting vulnerability template
- Fixed wrong PDF scaling issue which causes fonts to be rendered very small for report templates
- Fixed DOM Parser InvalidCastException crashes while trying to cast option tags on some cases
- Fixed form "action" value reported wrong on vulnerability details
- Fixed Internal Proxy port value setting upper bound to 65535
- Fixed incorrect attack possibility calculation for XSS confirmation requests
- Fixed dialog sizes on various screen resolutions and DPIs
- Fixed some issues in XSS detecting within script blocks
- Fixed XML attacks where reserved "xmlns" attribute values were being modified
- Fixed a DOM Parser issue on HTML pages with nested form tags
Upgrading your Netsparker Web Application Security Scanner
If you are already using Netsparker Web Application Security Scanner, a pop up window with the upgrade details will pop up the next time you run Netsparker. Alternatively you can always click on Check for Updates from the Help drop down menu to force manual updates as well.
If you have problems with the upgrade or product related queries, get in touch with our awesome support team by sending us an email on firstname.lastname@example.org